Any constraints on MTU size with IPSec?
RALEIGH NETWORKING SUPPORT CENTER (RALY - NA/ATS)
IBM eNetwork Firewall V3.2 for AIX
The customer believes he read that there is a constraint on MTU size
when using VPN where it would have to be set to 512 bytes. I could
not find this documented in my research. Is there such a constraint
The customer was also concerned that certain Internet Service Providers
might not allow passage of VPN sessions. Are you aware of any
Providers for whom this might be true? Thanks.
Earlier in the products lifecycle, we sometimes told customers to set
MTU size for the Win 95 Secure Remote client to 512, in order to
always guarantee that it would work. However, we haven't had any
problems like this in a while, so normal MTU sizes (1500 range or so)
should work for the secure remote client as well.
For tunnels between Firewalls, we've never had any MTU related size
problems. The customer should not have to modify the existing MTU sizes
in his network.
We are not aware of any specific ISPs that will not allow VPN's.
Obviously, if this is a concern for the customer, they should consult
with the ISPs sales department or technical support before engaging
a specific ISP to determine if they can support VPNs or not.
Thanks for using ASQ
WWQA: ITEM: RTA000153071 ITEM: RTA000153071
Dated: 10/1998 Category: FIREWAIX
This HTML file was generated 99/06/24~12:43:40
Comments or suggestions?